Issue creating TOTP for ldap

gwlim · May 27, 2022, 1:04pm

I am having issue enabling TOTP after authentication with LDAP
LDAP Login without TOTP works fine
I followed this guide without facing any errors
Active Directory Auth Method with TOTP Login MFA | Vault - HashiCorp Learn
However the TOTP does not work after login
The server does not show any errors when debugging is enabled

vault login -method=ldap username=user
Password (will be hidden):
Enter the passphrase for methodID "9b6bbfbb-9e62-db24-7d98-d105172283d4" of type "totp":
Error making API request.

URL: PUT http://172.17.0.2:8200/v1/sys/mfa/validate
Code: 403. Errors:

* failed to satisfy enforcement adtotp. error: 2 errors occurred:
        * failed to validate TOTP passcode
        * login MFA validation failed for methodID: [9b6bbfbb-9e62-db24-7d98-d105172283d4]

theJaxon · June 28, 2022, 1:13pm

I’m facing the same problem, I followed same guide but with userpass auth method and i’m getting the exact same error

theJaxon · July 6, 2022, 2:24pm

Following MFA Login with Vault TOTP | docmoa
It only worked with SHA1 TOTP Algorithm

mircea-c · October 26, 2022, 7:08pm

Can confirm that I’ve ran into the same issue and it only worked when I switched to SHA1 TOTP Algorithm

emrocha · November 4, 2022, 8:12pm

Same issue here. It only worked with SHA1 TOTP Algorithm

L-69 · April 12, 2023, 9:14am

How to bind the totp key with the ldap entity

braulio.gomes · June 3, 2025, 4:16am

Has anyone managed to solve this problem, I have the same problem with Google Authenticator, but using SHA1

Topic		Replies	Views
LDAP MFA with Vault Vault	6	391	April 13, 2023
Can't autenticate using Login MFA by CLI Vault vault	1	147	May 26, 2023
Vault Login LDAP + Google Authenticator Vault vault	3	766	May 20, 2022
TOTP self-service registration Vault vault	0	364	May 16, 2023
User MFA registration without administrative interaction Vault vault	0	171	December 18, 2023

Issue creating TOTP for ldap

Related topics